Right on! That is awesome!
----- Original Message -----
From: "Eelco Lempsink" <eelco at wideview.33lc0.net>
To: <list at dshield.org>
Sent: Tuesday, July 02, 2002 3:39 PM
Subject: [Dshield] DShield.py 3.0rc2 released!
: Ladies and gentlemen... I'm very proud to announce...
: DShield.py 3.0rc2!
:: Yep, that's right, DShield's best ipchains/iptables client just got
: better ;) (For the impatient: URLs are at the bottom)
:: Since about two months, Andrew R. Jones joined the DShield.py
: development 'team'. In the past he made some great suggestions, and
: now he has written a lot of code for DShield.py.
: He extended the SMTP part of the script, added support for PGP
: (GPG), optimized the parsing (big time), and added support for the
: Snort log format. (And he didn't even know anything about Python
: two months ago ;)
:: On large files, DShield.py is _way_ faster than the framework client
: (Although I didn't really test another log format than iptables, I
: think I can make a fairly educated guess about the overall speed of
: DShield.py ;). On a file with about 20000 entries it was three times
: faster.
: Due to the overhead of Python having to load a big script (chockfull
: o' functionality :) it's a tad slower on small logfiles, but since
: the logfile is small, the real difference isn't big anyway (I'm
: talking about 0.1 seconds)
:: Anyway, since I didn't announce 3.0rc1, here are the most important
entries
: from the changelog since 2.2 (in somewhat chronological order):
:: - Added support for signing and encrypting submissions with GPG
: - Added support for SSL/TLS to mail server
: - Added support for authenticating to mail server
: - Added use of SIZE SMTP verb
: - Added a "User-Agent: DShield.py <version>" header to submissions
: - Fixed TCP flags parsing for iptables entries
: - Changed the log prefix to ignore for iptables to a config option
: - Improved log parsing. It's faster now.
: - Added support for Snort
: - Added minimal support for locales (breaks Python 1.5 compatibility)
: - In report(), LF -> CRLF (fixed thanks to Carlo Wood)
:: There's one big 'if' about GPG submissions though. There's a (known)
: problem with submitting encrypted logs, that Johannes has failed to
: fix for some time now... If you didn't include your public key on
: sign up, but added it later, it's probably not correctly imported.
: I'm sure Johannes will notify 'us' (all the people on the mailing
: list, that is) when it's fixed. Please let me know if you use
: DShield.py with GPG. (Just interested.)
:: Furthermore, 3.0rc2 is a beta version, and therefore needs some
: testing on other systems that the developers'. Don't be afraid to
: submit bug reports, we won't bark (nor bite). You can find our email
: addresses at the SourceForge project page (listed with the URL's
: below).
:: Last thing, new developers are always welcome. We would like to
: include support for other formats (such as LaBrea) in the near
: future. Please mail me if you're interested.
:: URLs:
: - DShield.py project page:
:http://sourceforge.net/projects/dshieldpy:: - Download 3.0rc2:
:http://prdownloads.sourceforge.net/dshieldpy/dshieldpy-3.0rc2.tar.gz:: - Latest stable version (2.4), only for chickens ;)
:http://prdownloads.sourceforge.net/dshieldpy/dshieldpy-2.4.tar.gz:: - Always the latest stable version:
:http://prdownloads.sourceforge.net/dshieldpy/dshieldpy.tar.gz::: Eelco
: --
: v++++>7*8-;q;b9*c9*aa*1+:2f*2+-v<[>++++v;;>#;;9p'-6*:+1a+5*aa;#z<>
: 0-<<-z]>+[>|!<>++++++>++++++>++0+>++++<z<<$<-]>-..>++++++.<--.>+++
: n.>>-+----.v<:..<---.<.>>---.--$.<++.<+v+.d>++++++.[-]++++++++++.[
: >44*1^<]www>,^<-*55:\-1+*33:+;.>5k,;2*b<33^\"kn"a,*2+1f;#zrlc0.net
:: _______________________________________________
: Dshield mailing list
:Dshield at dshield.org: To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list
::